package com.dave.gd.facade.shiro;

import java.util.List;

import javax.annotation.Resource;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.subject.Subject;

import com.dave.gd.config.OnleduConstant;
import com.dave.gd.core.shiro.CaptchaUsernamePasswordToken;
import com.dave.gd.core.shiro.ShiroUser;
import com.dave.gd.service.IPermissionService;
import com.dave.gd.sysmgr.domain.entity.Permission;
import com.dave.gd.sysmgr.domain.entity.User;

public class MyShiroRealm extends AuthorizingRealm
{
	 // 用于获取用户信息及用户权限信息的业务接口 
	@Resource
	private IPermissionService permitService;
	
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals)
	{
		ShiroUser shiroUser = (ShiroUser)principals.fromRealm(getName()).iterator().next();
		String accountName = shiroUser.getAccount();
		if(accountName != null){
			SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
			List<Permission> permissions = permitService.findPermissionListByUserId(shiroUser.getUserId());
			if(permissions != null&& permissions.size() != 0){
				for(Permission p:permissions){
					info.addStringPermission(p.getShiroid());
				}
				return info;
			}
		}
		return null;
	}
	
	// 获取认证信息
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)throws AuthenticationException
	{
		CaptchaUsernamePasswordToken token = (CaptchaUsernamePasswordToken) authcToken;
		String accountName = token.getUsername();
		if(accountName != null && !"".equals(accountName)){
			User user = permitService.findUserByUname(accountName);
			if(user != null){
				Subject subject = SecurityUtils.getSubject();
				ShiroUser shiroUser = new ShiroUser(user.getId(), user.getUname());
				subject.getSession().setAttribute(OnleduConstant.SHIRO_USER, shiroUser);
				return new SimpleAuthenticationInfo(shiroUser, user.getPwd(), getName());
			}
		}
		return null;
	}
	
	/**
	 * 更新用户授权信息缓存.
	 */

	public void clearCachedAuthorizationInfo(String principal )
	{
		SimplePrincipalCollection principals = new SimplePrincipalCollection(
		principal, getName());
		clearCachedAuthorizationInfo(principals);
	}

	/**
	 * 清除所有用户授权信息缓存.
	 */

	public void clearAllCachedAuthorizationInfo()
	{
		Cache<Object, AuthorizationInfo> cache = getAuthorizationCache();
		if (cache != null)
		{
			for (Object key : cache.keys())
			{
				cache.remove(key);
			}
		}
	}

	//验证码校验
	protected boolean doCaptchaValidate(CaptchaUsernamePasswordToken token)
	{
		/*String captcha = (String) ServletActionContext.getRequest().getSession().getAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);
		if (captcha != null &&!captcha.equalsIgnoreCase(token.getCaptcha()))
		{
			throw new IncorrectCaptchaException("验证码错误！");
		}*/
		return true;
	}
}
